<script type="text/javascript">
function Validate()
{
	if(document.passwordform.cpassword.value=="")
	{
		alert("Please enter current password");	
		return false;
	}
	if(document.passwordform.npassword.value=="")
	{
		alert("Please enter new password");	
		return false;
	}
	if(document.passwordform.npassword.value!=document.passwordform.rpassword.value)
	{
		alert("New password and Confirm password does not match");	
		return false;
	}
}
</script>
<?php
if($_REQUEST['_s']==1)
{ ?>
	<div class="sucmsg" align="center"><img src="images/information.png" align="absmiddle" />&nbsp;Updated Successfully</div>
<?php } 
if($_REQUEST['_s']==2)
{ ?>
	<div class="errmsg" align="center"><img src="images/information.png" align="absmiddle" />&nbsp;Wrong current password</div><?php } ?>
<form name="passwordform" method="post" action="index.php?tc=changepass&_a=1" onsubmit="return Validate();">
<?php
$admin=mysql_fetch_array(mysql_query("select * from administration"));
?>
<table align="center" width="500" border="0" cellpadding="0" cellspacing="0"  class="list">
<thead>
<tr>
	<td align="left" colspan="2">
	Change Password
	</td>
</tr>
</thead>
<tr>
  <td align="right" class="formtdbg" >Email address :&nbsp;   </td>
  <td align="left" class="formtdright"><input type="text" name="cemail" value="<?php echo $admin['Email']?>" style="width:200px" /></td>
</tr>
<tr>
	<td align="right" class="formtdbg" >Current Password :&nbsp;   </td>
	<td align="left" class="formtdright"><input type="password" name="cpassword" style="width:200px" /></td>
</tr>
<tr>
	<td align="right" class="formtdbg" >New Password :&nbsp;   </td>
	<td align="left" class="formtdright"><input type="password" name="npassword" style="width:200px" /></td>
</tr>
<tr>
	<td align="right" class="formtdbg" >Confirm Password :&nbsp;   </td>
	<td align="left" class="formtdright"><input type="password" name="rpassword" style="width:200px" /></td>
</tr>
<tr>
	<td align="right"  class="formtdbg" height="30px"></td>
    <td  class="formtdright" align="left">
	<input type="submit" class="crmButton small add" name="btninsert" value="Save"/>
	<input type="reset" class="crmButton small add" name="btnreset" value="Reset" /></td>
</tr>   
</table>
</form>

<?php
if($_REQUEST['_a']==1)
{
	if($_POST['btninsert'])
	{
		$currentpass = $_POST['cpassword'];
		$md5curpass = md5($currentpass);
		$npassword = $_POST['npassword'];	
		$newpass = md5($npassword);
		$uid = $_SESSION['tcADMINID'];
		
		$check = mysql_num_rows(mysql_query("select * from administration where Password='$md5curpass' and Id='$uid'"));
		if($check == 1)
		{
			mysql_query("update administration set Password='$newpass',Email='".$_POST['cemail']."' where Id='$uid'");
			echo "<script>window.location='index.php?tc=changepass&_s=1'</script>";
			//header("location: index.php?tc=changepass&_s=1");
		}
		else
		{
			//header("location: index.php?tc=changepass&_s=2");
			echo "<script>window.location='index.php?tc=changepass&_s=2'</script>";
		}
	}
}
?>